Last updated: March 21, 2026

Privacy Policy

We built ScanFix to analyze code, not people. This page explains what we collect, why we collect it, and how we protect the limited data you share with us.

No long-term code storage

Repositories are cloned temporarily for analysis and deleted when scans finish.

You stay in control

Connect only the repos you choose. Disconnect any time.

Security-first

Encryption in transit and at rest, least-privilege access, and regular reviews.

Information we collect How we use data Source code handling & security Sharing & disclosures Your rights Data retention Cookies & tracking Third-party services Contact

1. Information we collect

We only collect what we need to provide and improve the service.

Account details: name, email, and authentication metadata.
Billing: payment metadata processed securely by Stripe; we do not store card numbers.
Repository data: repo names, metadata, and code you authorize for analysis.
Usage & device: logs (IP, browser, timestamps), feature usage, and diagnostics.

2. How we use data

Run code scans and generate health reports and remediation guidance.
Provide support, communicate updates, and operate your account.
Improve detection quality, performance, and reliability of ScanFix.
Detect, investigate, and prevent abuse or security incidents.
Meet legal, accounting, and compliance obligations.

3. Source code handling & security

Temporary by design

Repositories are cloned to isolated workers for analysis, then deleted. Only findings and metrics are retained.

Encryption in transit (TLS) and at rest for stored artifacts.
Strict access controls and audit trails on production systems.
Regular security reviews and dependency scanning.
Secrets are never written to logs; secret detection is enabled by default.

5. Your rights

Access, update, or delete your personal information.
Export your data in a portable format.
Object to or restrict certain processing.
Withdraw consent for optional communications.

6. Data retention

Account data: kept while your account is active, or deleted on request.
Analysis results: retained for the life of your subscription or until you delete them.
Logs and diagnostics: typically kept for up to 90 days.
Payment records: retained as required by tax and accounting laws.

7. Cookies & tracking

We use cookies and similar technologies to keep you signed in, remember preferences, and understand usage. You can control cookies in your browser settings; disabling them may limit functionality.

8. Third-party services

GitHub, GitLab, Bitbucket: repository access and authentication.
Google: optional single sign-on.
Stripe: payment processing.
Analytics and error monitoring: to improve stability and performance.

Each provider maintains its own privacy policy.

9. Contact

Questions or requests? Reach us at:

Privacy & Data

privacy@scanfix.ai

Support

support@scanfix.ai

Back to home

We built ScanFix to analyze code, not people. This page explains what we collect, why we collect it, and how we protect the limited data you share with us.

No long-term code storage

Repositories are cloned temporarily for analysis and deleted when scans finish.

You stay in control

Connect only the repos you choose. Disconnect any time.

Security-first

Encryption in transit and at rest, least-privilege access, and regular reviews.

1. Information we collect

We only collect what we need to provide and improve the service.

Account details: name, email, and authentication metadata.
Billing: payment metadata processed securely by Stripe; we do not store card numbers.
Repository data: repo names, metadata, and code you authorize for analysis.
Usage & device: logs (IP, browser, timestamps), feature usage, and diagnostics.

2. How we use data

Run code scans and generate health reports and remediation guidance.
Provide support, communicate updates, and operate your account.
Improve detection quality, performance, and reliability of ScanFix.
Detect, investigate, and prevent abuse or security incidents.
Meet legal, accounting, and compliance obligations.

3. Source code handling & security

Temporary by design

Repositories are cloned to isolated workers for analysis, then deleted. Only findings and metrics are retained.

Encryption in transit (TLS) and at rest for stored artifacts.
Strict access controls and audit trails on production systems.
Regular security reviews and dependency scanning.
Secrets are never written to logs; secret detection is enabled by default.

5. Your rights

Access, update, or delete your personal information.
Export your data in a portable format.
Object to or restrict certain processing.
Withdraw consent for optional communications.

6. Data retention

Account data: kept while your account is active, or deleted on request.
Analysis results: retained for the life of your subscription or until you delete them.
Logs and diagnostics: typically kept for up to 90 days.
Payment records: retained as required by tax and accounting laws.

7. Cookies & tracking

We use cookies and similar technologies to keep you signed in, remember preferences, and understand usage. You can control cookies in your browser settings; disabling them may limit functionality.

8. Third-party services

GitHub, GitLab, Bitbucket: repository access and authentication.
Google: optional single sign-on.
Stripe: payment processing.
Analytics and error monitoring: to improve stability and performance.

Each provider maintains its own privacy policy.

9. Contact

Questions or requests? Reach us at:

Privacy & Data

privacy@scanfix.ai

Support

support@scanfix.ai

Privacy Policy

Contents

1. Information we collect

2. How we use data

3. Source code handling & security

5. Your rights

6. Data retention

7. Cookies & tracking

8. Third-party services

9. Contact

Privacy Policy

Contents

1. Information we collect

2. How we use data

3. Source code handling & security

5. Your rights

6. Data retention

7. Cookies & tracking

8. Third-party services

9. Contact

Privacy Policy

Contents

1. Information we collect

2. How we use data

3. Source code handling & security

4. Sharing & disclosures

5. Your rights

6. Data retention

7. Cookies & tracking

8. Third-party services

9. Contact

Privacy Policy

Contents

1. Information we collect

2. How we use data

3. Source code handling & security

4. Sharing & disclosures

5. Your rights

6. Data retention

7. Cookies & tracking

8. Third-party services

9. Contact